CVE-2023-46823 WordPress ImageLinks Interactive Image Builder Plugin <= 1.5.4 is vulnerable to SQL Injection

2023-11-0609:15:09

CWE-89

Patchstack

www.cve.org

cve-2023 wordpress imagelinks interactive image builder plugin sql injection

0.001 Low

EPSS

Percentile

19.3%

JSON

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Avirtum ImageLinks Interactive Image Builder for WordPress allows SQL Injection.This issue affects ImageLinks Interactive Image Builder for WordPress: from n/a through 1.5.4.

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "imagelinks-interactive-image-builder-lite",
    "product": "ImageLinks Interactive Image Builder for WordPress",
    "vendor": "Avirtum",
    "versions": [
      {
        "changes": [
          {
            "at": "1.6.0",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "1.5.4",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/imagelinks-interactive-image-builder-lite/wordpress-imagelinks-interactive-image-builder-for-wordpress-plugin-1-5-4-sql-injection-vulnerability?_s_id=cve

0.001 Low

EPSS

Percentile

19.3%

JSON

Related for CVELIST:CVE-2023-46823